https://github.com/arpsyndicate/puncia

The Panthera(P.)uncia of Cybersecurity - Official CLI utility for Osprey Vision, Subdomain Center & Exploit Observer.
https://github.com/arpsyndicate/puncia

arpsyndicate cyclonedx cyclonedx-sbom exploit sbom sbom-tool subdomain vulnerability

Last synced: 6 days ago
JSON representation

The Panthera(P.)uncia of Cybersecurity - Official CLI utility for Osprey Vision, Subdomain Center & Exploit Observer.

• Host: GitHub
• URL: https://github.com/arpsyndicate/puncia
• Owner: ARPSyndicate
• License: mit
• Created: 2023-09-10T13:10:16.000Z (over 1 year ago)
• Default Branch: master
• Last Pushed: 2025-01-13T12:08:20.000Z (21 days ago)
• Last Synced: 2025-01-22T01:06:25.827Z (13 days ago)
• Topics: arpsyndicate, cyclonedx, cyclonedx-sbom, exploit, sbom, sbom-tool, subdomain, vulnerability
• Language: Python
• Homepage: https://pypi.org/project/puncia/
• Size: 143 KB
• Stars: 645
• Watchers: 12
• Forks: 31
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE
  • Security: SECURITY.md

Awesome Lists containing this project

README

        
# Panthera(P.)uncia

### Official CLI utility for Osprey Vision, Subdomain Center & Exploit Observer

[![Downloads](https://pepy.tech/badge/puncia)](https://pepy.tech/project/puncia)













Puncia utilizes three of our intelligent APIs to gather the results - 


- [Subdomain Center - The World's Largest Subdomain & Shadow IT Intelligence Database](https://subdomain.center)


- [Exploit Observer - The World's Largest Exploit & Vulnerability Intelligence Database](https://exploit.observer)


- [Osprey Vision - The World's Most Bleeding Edge AI for Information Discovery](https://osprey.vision)

**Please note that although these results can sometimes be pretty inaccurate & unreliable, they can greatly differ from time to time due to their self-improvement capabilities.**

**Aggressive rate-limits can be avoided with an API key: https://www.arpsyndicate.io/pricing.html**

## Installation

1. From PyPi - `pip3 install puncia`

2. From Source - `pip3 install .`


## Usage

1.  (PAID) Store an API key (storekey) - `puncia storekey `

2.  (FREEMIUM) Interact with the LLM (chat) - `puncia chat "" `

3.  (PAID) Summarize Webpages with the LLM (summarize) - `puncia summarize "" `

4.  (FREEMIUM) Query Domains (subdomain) - `puncia subdomain  `

5.  (FREEMIUM)Query Replica Domains (replica) - `puncia replica  `

6.  Query Exploit & Vulnerability Identifiers (exploit)

    - (FREE) Russian VIDs with no associated CVEs (^RU_NON_CVE) - `puncia exploit ^RU_NON_CVE  ` 

    - (FREE) Chinese VIDs with no associated CVEs (^CN_NON_CVE) - `puncia exploit ^CN_NON_CVE  `

    - (FREE) Vulnerability & Exploit Identifers Watchlist (^WATCHLIST_IDES) - `puncia exploit ^WATCHLIST_IDES  `

    - (FREE) Vulnerable Technologies Watchlist (^WATCHLIST_TECH) - `puncia exploit ^WATCHLIST_TECH  `

    - (FREEMIUM) [Supported Vulnerability Identifiers](https://github.com/ARPSyndicate/docs?tab=readme-ov-file#supported-vulnerability-identifiers) - `puncia exploit  `

7.  (FREEMIUM) Enrich CVE/GHSA Identifiers (enrich) - `puncia enrich  `

8.  Multiple Queries (bulk/sbom)

    - (FREEMIUM) Bulk Input JSON File Format - `puncia bulk  `

      ```

      {

          "subdomain": [

              "domainA.com",

              "domainB.com"

          ],

          "replica": [

              "domainA.com",

              "domainB.com"

          ],

          "exploit": [

              "eoidentifierA",

              "eoidentifierB"

          ],

          "enrich": [

              "eoidentifierA",

              "eoidentifierB"

          ]

      }

      ```

    - (FREEMIUM) [SBOM Input JSON File Format](https://github.com/CycloneDX/bom-examples/blob/master/SBOM/protonmail-webclient-v4-0912dff/bom.json) - `puncia sbom  `

9.  (FREEMIUM) External Import

    ```

        import puncia

        # Without API Key

        print(puncia.query_api("exploit","CVE-2021-3450"))

        print(puncia.query_api("subdomain","arpsyndicate.io"))

        print(puncia.query_api("chat","write a xss fuzzer in python"))

        # With API Key

        puncia.store_key("ARPS-xxxxxxxxxx")

        print(puncia.query_api("subdomain","arpsyndicate.io", apikey=puncia.read_key()))

        print(puncia.query_api("exploit","CVE-2021-3450", apikey=puncia.read_key()))

        print(puncia.query_api("chat","write a xss fuzzer in python", apikey=puncia.read_key()))

        print(puncia.query_api("summarize","https://www.osintteam.com/combating-the-darkest-depths-of-cyber-intelligence-the-pall-mall-process/", apikey=puncia.read_key()))

    ```




## Noteworthy Mentions

- [Around 1000 exploitable cybersecurity vulnerabilities that MITRE & NIST ‘might’ have missed but China or Russia didn’t.](https://blog.arpsyndicate.io/over-a-1000-vulnerabilities-that-mitre-nist-might-have-missed-but-china-or-russia-did-not-871b2364a526)

- [Utilizing GitHub Actions for gathering Subdomain & Exploit Intelligence](https://blog.arpsyndicate.io/utilizing-github-actions-for-gathering-subdomain-exploit-intelligence-bbc79c19bb85)

- [Introducing Exploit Observer — More than Shodan Exploits, Less than Vulners](https://blog.arpsyndicate.io/introducing-exploit-observer-more-than-shodan-exploits-less-than-vulners-23eaea466e4a)

- [PUNCIA — The Panthera(P.)uncia of Cybersecurity](https://blog.arpsyndicate.io/puncia-the-panthera-p-uncia-of-cybersecurity-ft-puncia-subdomain-center-exploit-observer-9a9d8cca9576)

- [Subdomain Enumeration Tool Face-off - 2023 Edition](https://blog.blacklanternsecurity.com/p/subdomain-enumeration-tool-face-off-4e5)

## More from [A.R.P. Syndicate](https://www.arpsyndicate.io)

- [VEDAS Advisories](https://vedas.arpsyndicate.io)

- [Open Source Intelligence](https://asm.arpsyndicate.io/intelligence.html)

- [Attack Surface Management](https://asm.arpsyndicate.io)